Policy on Management of Information Technology
This policy replaces:
1. Effective date
1.1 This policy takes effect on July 1, 2007.
1.2 Implementation of the policy requirement related to performance measurement, paragraph 6.1.5 in this policy under "Policy requirements," will come into effect July 1, 2008.
1.3 This policy replaces the Management of Information Technology Policy dated January 17, 1994.
2.1 This policy applies to departments as defined in section 2 of the Financial Administration Act, unless excluded by specific acts, regulations, or Orders in Council.
2.2 Sections 6.2.3 and 7.1 do not apply with respect to the Office of the Auditor General, the Office of the Privacy Commissioner, the Office of the Information Commissioner, the Office of the Chief Electoral Officer, the Office of the Commissioner of Lobbying, the Office of the Commissioner of Official Languages and the Office of the Public Sector Integrity Commissioner. The deputy heads of these organizations are solely responsible for monitoring and ensuring compliance with this policy within their organizations, as well as for responding to cases of non-compliance in accordance with any Treasury Board instruments that address the management of compliance.
3.1 Information technology (IT) plays an important role in government operations. It is also a key enabler in transforming the business of government. Information technology is an essential component of the government's strategy to address challenges of increasing productivity and enhancing services to the public for the benefit of citizens, businesses, taxpayers and employees.
3.2 Deputy heads are responsible for the effective management of IT within their departments, including the implementation of IT spending decisions and ensuring appropriate, ongoing measurement of IT performance.
3.3 This policy is issued pursuant to section 7 of the Financial Administration Act.
3.4 This policy is to be read in conjunction with the Policy Framework on Information and Technology and supporting directives and standards.
3.5 The Treasury Board has delegated to the Secretary of the Treasury Board the authority to issue directives and associated standards in the areas of IT governance and IT strategies to support this policy.
3.6 Additional mandatory requirements will be set out in directives and standards in the areas of IT governance and IT strategies.
4.1 Definitions to be used in the interpretation of this policy are in the Appendix.
5. Policy statement
The objective of this policy is to achieve efficient and effective use of information technology to support government priorities and program delivery, to increase productivity, and to enhance services to the public.
5.2 Expected results
The expected results of this policy are:
- a better understanding on the part of all key stakeholders of their roles and responsibilities with respect to the management of IT in the government;
- strengthened management of IT across the government and better decision-making at all levels, thus ensuring that IT supports program delivery and provides value for money;
- increased use of common or shared IT assets and services by departments and agencies to ensure efficiency gains; and
- responsive services enabled by IT.
6. Policy requirements
6.1 Deputy heads
Deputy heads are responsible for ensuring that:
6.1.1 departments participate in setting government-wide strategic directions for IT;
6.1.2 departmental IT investment plans are integrated into the overall business plans of the department;
6.1.3 common or shared IT assets and services are used in departments to avoid duplication, when such assets and services are available and appropriate;
6.1.4 departmental IT governance structures are established;
6.1.5 performance related to the departmental management of IT is measured on an ongoing basis;
6.1.6 A senior official is designated to represent the department in discussions with the Treasury Board of Canada Secretariat for the purposes of this policy; and
6.1.7 departments provide Treasury Board of Canada Secretariat with information concerning their activities in relation to this policy that involve the development of national and international technology standards.
6.2 Monitoring and reporting requirements
6.2.1 Deputy heads are responsible for monitoring adherence to this policy within their departments, consistent with the provisions of the Treasury Board's Policy on Evaluation and Policy on Internal Audit, and for ensuring that appropriate remedial action is taken to address any deficiencies within their departments.
6.2.2 Deputy heads with national or policy responsibilities related to information technology are responsible for providing to the Treasury Board of Canada Secretariat, on an annual basis, the names and responsibilities of their officers who are involved in national and international IT standards activities, to ensure a comprehensive understanding of the Government of Canada's involvement and contribution.
6.2.3 The Treasury Board of Canada Secretariat will monitor compliance with this policy in a variety of ways, including but not limited to, the following:
- assessments under the Management Accountability Framework;
- examinations of Treasury Board submissions, departmental performance reports, results of audits, evaluations and studies; and
- work performed in collaboration with departments.
6.2.4 Treasury Board of Canada Secretariat will review this policy, its associated directives and standards, and their effectiveness at the five‑year mark of implementation of the Policy (or earlier for certain directives and standards). When substantiated by risk-analysis, the Treasury Board of Canada Secretariat will also ensure an evaluation is conducted.
6.2.5 The Treasury Board of Canada Secretariat will monitor government-wide progress against established strategic IT directions and will measure government-wide IT performance on an ongoing basis.
7.1 Consequences of non-compliance can include informal follow-ups and requests from Treasury Board of Canada Secretariat, external audits, and formal direction on corrective measures.
7.2 Consequences of non-compliance with this policy can include any measure allowed by the Financial Administration Act that the Treasury Board would determine as appropriate and acceptable in the circumstances.
8. Roles and responsibilities of other government departments
Note: This section identifies other departments who have a role in the management of IT. In and of itself, this section does not confer an authority.
The Canada School of Public Service is responsible for the development and delivery of a government‑wide core learning strategy and program for all public service employees involved in the management of IT in consultation with the relevant functional authority centres and consistent with the Policy on Learning, Training and Development.
The Public Service Human Resources Management Agency of Canada (PSHRMAC) is responsible for providing advice and guidance to stakeholders on the full range of sound human resources management strategies including integrated business and human resources planning. Representatives of the PSHRMAC are available to advise the Chief Information Officer Branch of the Treasury Board of Canada Secretariat on recruitment and retention strategies and to share any lessons learned.
Public Works and Government Services Canada is responsible for the management and operation of the common and shared IT services in consultation with departments and the Treasury Board of Canada Secretariat.
Treasury Board of Canada Secretariat is responsible for establishing the overall government-wide strategic directions for IT in consultation with deputy heads; identifying areas that offer significant government-wide benefits or are of importance to the government; and leading initiatives to achieve government-wide solutions and the implementation of government-wide directions with the appropriate common service or shared service organizations that are of importance to the government.
9.1 Treasury Board policies
- Common Services Policy
- Communications Policy of the Government of Canada
- Evaluation Policy
- Government Security Policy
- Management, Resources, and Results Structure Policy
- Policy on Delegation of Authorities
- Policy on Electronic Authorization and Authentication
- Policy on Information Management
- Policy on Internal Audit
- Policy on Language of Work and directives
- Policy on Learning, Training and Development
- Policy on Long-term Capital Plans
- Policy on Management of Materiel
- Policy on Service (new policy)
- Policy on the Duty to Accommodate Persons with Disabilities in the Federal Public Service
- Policy on the Use of Official Languages for Communications with and Services to the Public and directives
- Privacy and Data Protection
- Project Approval
- Policy on Management of Projects
- Risk Management Policy
9.2 Other publications
Please direct enquiries about this policy to the senior official appointed by your deputy head for the purposes of this policy. For interpretation of this policy, this senior official should contact:
Enterprise Technology and Application Strategies (ETAS) Section
Chief Information Officer Branch
Treasury Board of Canada Secretariat
Ottawa ON K1A 0R5
Facsimile: 613- 946-4334
Appendix - Definitions
- Client (client)
- The intended recipient of a service. Clients may be external (citizens, businesses, non-Canadians, or organizations, e.g., non-profit) or internal to government (departments).
- Common service (service commun)
- A service that is provided by a common service organization.
- Common service organization (organisme de services communs)
- A department or organization that is designated as a central supplier of particular services to support the requirements of departments. Common service organizations are listed in Appendix B of the Common Services Policy.
- Information technology (technologies de l'information)
- Includes any equipment or system that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. It includes all matters concerned with the design, development, installation and implementation of information systems and applications to meet business requirements.
- Management of information technology (gestion des technologies de l'information)
- Includes planning, building (or procuring), operating and measuring performance.
- Service (service)
- A means, administered by a program, of producing a final valued output (i.e. service output) to address one or more target group needs.
- Shared service (Service partagé)
- A service that is shared by more than one client.